Eggdev: Re: [cvslog] (2007-10-17 07:42:51 UTC) Module eggdrop1.6: Change committed!

Will Buckner wcc at techmonkeys.org
Wed Oct 17 01:45:21 CST 2007


Not set up to test this right now... can anyone test briefly? It 
compiles... :P

Will

cvslog wrote:
> CVSROOT    : /usr/local/cvsroot
> Module     : eggdrop1.6
> Commit time: 2007-10-17 07:42:50 UTC
> Commited by: Will Buckner <wcc at techmonkeys.org>
>
> Modified files:
>      doc/UPDATES1.6 src/mod/server.mod/servmsg.c
>
> Log message:
>
> - Fixed two buffer overflows in servmsg.c.
> * Found by: Bow Sineath - Patch by: Nico Golde / Wcc
>
> ---------------------- diff included ----------------------
> Index: eggdrop1.6/doc/UPDATES1.6
> diff -u eggdrop1.6/doc/UPDATES1.6:1.632 eggdrop1.6/doc/UPDATES1.6:1.633
> --- eggdrop1.6/doc/UPDATES1.6:1.632	Mon Nov 20 05:38:25 2006
> +++ eggdrop1.6/doc/UPDATES1.6	Wed Oct 17 02:42:40 2007
> @@ -1,4 +1,4 @@
> -$Id: UPDATES1.6,v 1.632 2006-11-20 11:38:25 tothwolf Exp $
> +$Id: UPDATES1.6,v 1.633 2007-10-17 07:42:40 wcc Exp $
>  
>  Eggdrop Changes (since v1.6.0)
>      _____________________________________________________________________
> @@ -12,6 +12,9 @@
>  
>  
>    1.6.19:
> +    - Fixed two buffer overflows in servmsg.c.
> +    * Found by: Bow Sineath - Patch by: Nico Golde / Wcc
> +
>      - Fixed compatibility problems with certain time_t implementations.
>      * Found by: various - Patch by: Tothwolf
>  
> Index: eggdrop1.6/src/mod/server.mod/servmsg.c
> diff -u eggdrop1.6/src/mod/server.mod/servmsg.c:1.92 eggdrop1.6/src/mod/server.mod/servmsg.c:1.93
> --- eggdrop1.6/src/mod/server.mod/servmsg.c:1.92	Fri Apr 20 23:38:29 2007
> +++ eggdrop1.6/src/mod/server.mod/servmsg.c	Wed Oct 17 02:42:40 2007
> @@ -1,7 +1,7 @@
>  /*
>   * servmsg.c -- part of server.mod
>   *
> - * $Id: servmsg.c,v 1.92 2007-04-21 04:38:29 wcc Exp $
> + * $Id: servmsg.c,v 1.93 2007-10-17 07:42:40 wcc Exp $
>   */
>  /*
>   * Copyright (C) 1997 Robey Pointer
> @@ -461,7 +461,7 @@
>    to = newsplit(&msg);
>    fixcolon(msg);
>    /* Only check if flood-ctcp is active */
> -  strcpy(uhost, from);
> +  strncpyz(uhost, from, sizeof(buf));
>    nick = splitnick(&uhost);
>    if (flud_ctcp_thr && detect_avalanche(msg)) {
>      if (!ignoring) {
> @@ -471,7 +471,7 @@
>          p++;
>        else
>          p = uhost;
> -      simple_sprintf(ctcpbuf, "*!*@%s", p);
> +      egg_snprintf(ctcpbuf, sizeof(ctcpbuf), "*!*@%s", p);
>        addignore(ctcpbuf, botnetnick, "ctcp avalanche",
>                  now + (60 * ignore_time));
>      }
> @@ -486,8 +486,12 @@
>        p++;
>      if (*p == 1) {
>        *p = 0;
> -      ctcp = strcpy(ctcpbuf, p1);
> -      strcpy(p1 - 1, p + 1);
> +      strncpyz(ctcpbuf, p1, sizeof(ctcpbuf));
> +      ctcp = p1;
> +      /* copy the part after the second : in front of it after
> +       * the first :, this is temporary copied to ctcpbuf */
> +      strncpy(p1 - 1, p + 1, strlen(ctcpbuf) - 1);
> +
>        if (!ignoring)
>          detect_flood(nick, uhost, from,
>                       strncmp(ctcp, "ACTION ", 7) ? FLOOD_CTCP : FLOOD_PRIVMSG);
> ----------------------- End of diff -----------------------
>
>   




More information about the Eggdev mailing list